package com.qfedu.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        //配置认证
        http.formLogin()
                //哪个URL为登陆界面
                .loginPage("/")
                //当发现什么URL时执行登陆逻辑
                .loginProcessingUrl("/login")
                //成功后跳转到哪里
                .successForwardUrl("/success")
                //失败后跳转到哪里
                .failureForwardUrl("/fail");
        //设置URL的授权问题
        //多个条件取交集
        http.authorizeRequests()
                //匹配 / 控制器 permitAll() 不需要被认证就可以访问
                .antMatchers("/").permitAll()
                //anyRequest()所有请求 authenticated()必须被认证
                .anyRequest().authenticated();
        //关闭csrf
        http.csrf().disable();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}
